0 votes

We have the Skype for business Basic working correctly in Adaxes. However we need add to the server and grant specific options (screen sharing). We have the script below but it is not working.

$lyncServer = "csfe01.anon.com" # TODO: Modify me

$sessionOptions = New-PSSessionOption -SkipRevocationCheck -SkipCACheck -SkipCNCheck
$session = New-PSSession -ConnectionUri https://$lyncServer/ocspowershell `
    -SessionOption $sessionOptions -Authentication NegotiateWithImplicitCredential

Import-PSSession -session $session

Grant-CsConferencingPolicy -identity "%username%" -PolicyName "Conferencing Enabled" # Assign a Conferencing Policy
#Grant-CsPinPolicy -Identity "%userPrincipalName%" -PolicyName MyPinPolicy # Assign a PIN Policy
#Grant-CsExternalAccessPolicy -Identity "%userPrincipalName%" -PolicyName MyAccessPolicy # Assign an External Access Policy
#Grant-CsArchivingPolicy -Identity "%userPrincipalName%" -PolicyName MyArchivingPolicy # Assign an Archiving Policy
#Grant-CsMobilityPolicy -Identity "%userPrincipalName%" -PolicyName MyMobilityPolicy # Assign a Mobility Policy
#Grant-CsPersistentChatPolicy -Identity "%userPrincipalName%" -PolicyName MyPersistentChatPolicy # Assign a Persistent Chat Policy

Remove-PSSession -Session $session
by (3.2k points)
0

Hello,

We have the script below but it is not working.

Could you send us or post here screenshots of the error messages?

However we need add to the server

Could you specify, what you mean exactly?

0


Screenshot is above.

Could you specify, what you mean exactly

We can add too the server just fine, we need to be able to add a conferencing policy to allow screen sharing to certain users. We were doing this through the custom command option that we posted previously.

1 Answer

0 votes
by (228k points)
selected by
Best answer

Hello,

Thank you for the provided details. We encountered the issue before. It is a bug in Skype for Business. We've already reported it to Microsoft, together with a couple of other users, but have not received any relevant response for them. The issue can occur from time to time, we didn't find any regular pattern. As we found during our tests, when the issue occurs, an attempt to enable the user for Skype once more should succeed.

We have updated your script to work around the issue:

$lyncServer = "csfe01.anon.com" # TODO: Modify me
$connectAttemptCount = 3 # TODO: Modify me

$sessionOptions = New-PSSessionOption -SkipRevocationCheck -SkipCACheck -SkipCNCheck
for ($i = 0; $i -lt $connectAttemptCount; $i++)
{
    try
    {
        $session = New-PSSession -ConnectionUri https://$lyncServer/ocspowershell `
            -SessionOption $sessionOptions -Authentication NegotiateWithImplicitCredential -ErrorAction Stop
        $errorMessage = $NULL
    }
    catch
    {
        $errorMessage = $_.Exception.Message
        continue
    }
}

if ($errorMessage)
{
    $Context.LogMessage("An error occured when creating remote PowerShell session to server '$lyncServer'. Error: $errorMessage", "Error")
    return
}

Import-PSSession -session $session

Grant-CsConferencingPolicy -identity "%username%" -PolicyName "Conferencing Enabled" # Assign a Conferencing Policy
#Grant-CsPinPolicy -Identity "%userPrincipalName%" -PolicyName MyPinPolicy # Assign a PIN Policy
#Grant-CsExternalAccessPolicy -Identity "%userPrincipalName%" -PolicyName MyAccessPolicy # Assign an External Access Policy
#Grant-CsArchivingPolicy -Identity "%userPrincipalName%" -PolicyName MyArchivingPolicy # Assign an Archiving Policy
#Grant-CsMobilityPolicy -Identity "%userPrincipalName%" -PolicyName MyMobilityPolicy # Assign a Mobility Policy
#Grant-CsPersistentChatPolicy -Identity "%userPrincipalName%" -PolicyName MyPersistentChatPolicy # Assign a Persistent Chat Policy

Remove-PSSession -Session $session
0

We updated the script and ran three times and each time received the message below.

0

Hello,

Could you send us or post here a screenshot of your Business Rule configuration? We need something like the following:

Could you specify if the object tutorial had an account in Skype for Business prior to script execution?

How many domain controllers do you have?

0

Screenshot below.
The object Tutorial did not have Skype for Business previously, we can add the built in command for Skype for Business without issue and the removal works as well.
We have 4 domain controllers in our environment.

0

Hello,

As you have 4 DCs the error might be related to synchronization. When you ran the script Skype for Business server connected to a DC that had no information about enabling an account for the user. We updated the script accordingly. If you face the same error again, it will mean that the user does not have an account in Skype for Business.

$lyncServer = "csfe01.anon.com" # TODO: Modify me
$connectAttemptCount = 3 # TODO: Modify me

try
{
    $sessionOptions = New-PSSessionOption -SkipRevocationCheck -SkipCACheck -SkipCNCheck
    for ($i = 0; $i -lt $connectAttemptCount; $i++)
    {
        try
        {
            $session = New-PSSession -ConnectionUri https://$lyncServer/ocspowershell `
                -SessionOption $sessionOptions -Authentication NegotiateWithImplicitCredential -ErrorAction Stop
            $errorMessage = $NULL
        }
        catch
        {
            $errorMessage = $_.Exception.Message
            continue
        }
    }

    if ($errorMessage)
    {
        $Context.LogMessage("An error occured when creating remote PowerShell session to server '$lyncServer'. Error: $errorMessage", "Error")
        return
    }

    # Get domain controller FQDN for the user's domain
    $domainName = $Context.GetObjectDomain("%distinguishedName%")
    $rootDSE = $Context.BindToObject("Adaxes://$domainName/rootDSE")
    $domainControllerFQDN = $rootDSE.Get("dnsHostName")

    Import-PSSession -session $session

    Grant-CsConferencingPolicy -identity "%username%" -PolicyName "Conferencing Enabled" -DomainController $domainControllerFQDN # Assign a Conferencing Policy
    #Grant-CsPinPolicy -Identity "%userPrincipalName%" -PolicyName MyPinPolicy -DomainController $domainControllerFQDN # Assign a PIN Policy
    #Grant-CsExternalAccessPolicy -Identity "%userPrincipalName%" -PolicyName MyAccessPolicy -DomainController $domainControllerFQDN # Assign an External Access Policy
    #Grant-CsArchivingPolicy -Identity "%userPrincipalName%" -PolicyName MyArchivingPolicy -DomainController $domainControllerFQDN # Assign an Archiving Policy
    #Grant-CsMobilityPolicy -Identity "%userPrincipalName%" -PolicyName MyMobilityPolicy -DomainController $domainControllerFQDN # Assign a Mobility Policy
    #Grant-CsPersistentChatPolicy -Identity "%userPrincipalName%" -PolicyName MyPersistentChatPolicy -DomainController $domainControllerFQDN # Assign a Persistent Chat Policy
}
finally
{   
    if ($session) { Remove-PSSession -Session $session }
}
0

Okay thank you, so does the user have to be on the server first and then run this script? Or does this script create if needed and then add the policy as directed?

0

Hello,

so does the user have to be on the server first and then run this script?

Yes, that is correct.

You can enable users for Skype for Business (Lync) using the Enable or disable for Lync action. For information about the action check the Enable or disable for Lync section of the following help article: http://www.adaxes.com/help/?UsingAdmini ... ialog.html.

0

ok, that worked when adding the basic to a user first.

Question, would it work if we made a custom command to adding the Skype first and then ran this script?

0

Hello,

Yes, it should work.

Related questions

0 votes
1 answer

Currently getting this error when enabling a user for Skype for Business: No cmdlets have been authorized for use by the RBAC role that the user belongs ... minimum required permissions that the Adaxes account needs to manage Skype for Business functionality?

asked Dec 16, 2021 by thedoo (60 points)
0 votes
1 answer

"Connecting to remote server <<FQDN Servername>> failed with the following error message : The server certificate on the destination computer (<<FQDN servername: ... ? This may help to diagnose the issue with schannel on the skype server.

asked Mar 5, 2020 by mark.it.admin (2.1k points)
0 votes
1 answer

One of the features I noticed being called out in the 2019 update was the ability to control some Skype for Business attributes for a user. Looking at users in my environment ... can be used to manage online users, what admin roles are required on Office 365?

asked Aug 12, 2019 by blaiseb (120 points)
0 votes
1 answer

Hi! Is there a way to have ADAxess move mailboxes to a new Exchange server/store if the user becomes Skype for Business enabled ? The logic would be something that if the mailbox is ... already are SFB enabled but not moved, but does it one by one .... /Kaj

asked Sep 7, 2017 by KajLehtinen (650 points)
0 votes
1 answer

I'm building my first rule to license users in Office365. When the rule runs it fails to find the Usage Location which is based on the Country (default settings). I ... runs before the "assign 365 license" rule. Why am I not getting Usage Location populated?

asked Jul 20, 2020 by ComputerHabit (790 points)
2,807 questions
2,541 answers
6,615 comments
65,717 users